CRoCS: Privacy and security blog

Today, we release new version of JCAlgTest database showing which cryptographic smartcards support what cryptographic algorithms defined in JavaCard API. If you like to know which smart card supports elliptic curves cryptography with 192bit key, AES with 256bit key and more then visit https://jcalgtest.org.

What started as an attempt to investigate how cryptographic smart cards are generating RSA key pairs ended as surprising resulting showing that library or device responsible for generating given key can be identified - based on public key only. Simply put, if you have RSA public key, we can say which library generated it. And we got Best Paper Award out of it at 25th USENIX Security Symposium, 2016. The paper name is The Million-Key Question—Investigating the Origins of RSA Public Keys.